codeql
CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security
Switching data flow stage 3 to path-insensitive type pruning flow highlighted that the MaD clone models were providing false type information in the sense that they claim to be able...
I am trying to configure CodeQL for WHQL testing and followed the steps mentioned in the link: [static-tools-and-codeql](https://learn.microsoft.com/en-us/windows-hardware/drivers/devtest/static-tools-and-codeql). I have ended up with the error below. C:\codeql-home\codeql>**codeql --version** **CodeQL command-line toolchain...
I updated the dependencies in `go.mod` and ran `make gen` to update the vendored dependencies. This should help us stay up-to-date with the latest security patches and bug fixes. The...
Why doesn't CodeQL support auditing PHP? If you want to add a PHP syntax engine later, you can write ql to audit PHP source code. Thank you very much!
Bumps [lazy_static](https://github.com/rust-lang-nursery/lazy-static.rs) from 1.4.0 to 1.5.0. Commits be7c1c4 point readme version to 1.5.0 8971a27 update readme build badge 15691ec Modernize lazy-static infra (#219) 2660041 Merge pull request #206 from TheBotlyNoob/master...
Hi hello, I'm a committer for the Chromium project & we've been experimenting with building CodeQL databases of Chromium. ### Context While building the Chromium CodeQL database, in addition to...
Align severity with other command injection vulnerabilities: - https://github.com/github/codeql/blob/4a448f445e79b9baa07a302d8062fe9f0fcb00b9/cpp/ql/src/Security/CWE/CWE-078/ExecTainted.ql#L8 - https://github.com/github/codeql/blob/4a448f445e79b9baa07a302d8062fe9f0fcb00b9/go/ql/src/Security/CWE-078/CommandInjection.ql#L7 - https://github.com/github/codeql/blob/4a448f445e79b9baa07a302d8062fe9f0fcb00b9/swift/ql/src/queries/Security/CWE-078/CommandInjection.ql#L7 - https://github.com/github/codeql/blob/4a448f445e79b9baa07a302d8062fe9f0fcb00b9/javascript/ql/src/Security/CWE-078/CommandInjection.ql#L7
**Summary** This PR improves the situation described in https://github.com/github/codeql/issues/16780 where halving the available `CODEQL_RAM` between the TypeScript and JVM processes can lead to an out-of-memory condition. **Approach** This PR modifies...